Design/Logic Flaw

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory...

CVE-2010-2579

The CVE-2010-2579 issue affects RealNetworks RealPlayer family (RealPlayer 11.0–11.1, RealPlayer SP 1.0–1.1.4, Enterprise 2.1.2, Mac 11.x, Linux 11.0.2.1744). The root cause is a failure to properly initialize the Cook codec’s channel count, leading to use of uninitialized memory and memory acces...

CVE-2010-0121

The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors...

CVE-2010-0121

CVE-2010-0121 affects RealNetworks RealPlayer family (RealPlayer 11.x, RealPlayer SP 1.x, Mac RealPlayer 11.x–12.0.0.1444, Linux RealPlayer 11.0.2.1744). The vulnerability is in the RealAudio cook codec uninitialised memory during parsing, per NVD and Secunia Secunia Research advisory; impact is ...

CVE-2010-4377

The CVE-2010-4377 entry corresponds to a RealPlayer heap-based buffer overflow in RealPlayer 11.0–11.1, RealPlayer SP 1.0–1.1.5, Mac RealPlayer 11.0–12.0.0.1444, and Linux RealPlayer 11.0.2.1744. The underlying issue occurs when processing the cook audio codec data in a Real Audio file, where spe...

VMware Products Memory Corruption and Buffer Overflow Vulnerability (VMSA-2010-0018) - Windows

VMWare products are prone to memory corruption and buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

RealNetworks RealPlayer Cook Audio Codec Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious media file. The specific flaw exists in the...

Fedora Update for libvpx FEDORA-2010-17876

Check for the Version of libvpx OpenVAS Vulnerability Test Fedora Update for libvpx FEDORA-2010-17876 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora Update for libvpx FEDORA-2010-17893

Check for the Version of libvpx OpenVAS Vulnerability Test Fedora Update for libvpx FEDORA-2010-17893 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

VMware Products Multiple Vulnerabilities (VMSA-2010-0018)

A VMware product Player, Workstation, Server, or Movie Decoder detected on the remote host has one or more of the following vulnerabilities : - A vulnerability in VMware Tools update could allow arbitrary code execution on non-Windows based guest operating systems with root privileges...

CVE-2010-4294

The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x...

Memory corruption

The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x...

CVE-2010-4294

The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x...

[SECURITY] Fedora 13 Update: libvpx-0.9.5-2.fc13

libvpx provides the VP8 SDK, which allows you to integrate your applications with the VP8 video codec, a high quality, royalty free, open source codec deployed on millions of computers and devices worldwide...

[SECURITY] Fedora 14 Update: libvpx-0.9.5-2.fc14

libvpx provides the VP8 SDK, which allows you to integrate your applications with the VP8 video codec, a high quality, royalty free, open source codec deployed on millions of computers and devices worldwide...

Winamp VP6 Content Parsing Buffer Overflow Vulnerability

Winamp is prone to heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RealPlayer for Windows < Build 12.0.1.609 Multiple Vulnerabilities

According to its build number, the installed version of RealPlayer on the remote Windows host is affected by multiple vulnerabilities: - An error in the 'Cook' codec initialization function and can be used to access uninitialized memory. CVE-2010-0121 - Freed pointer access in the handling of the...

USN-1015-1: libvpx vulnerability

Christoph Diehl discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service or possibly execute code as the user invoking the program...

Apple Quicktime Sorenson Video Codec Decoding Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way...

DEBIAN-CVE-2010-4203

WebM libvpx aka the VP8 Codec SDK before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via invalid frames...